2021 18th International Conference on Privacy, Security and Trust (PST)最新文献_第3页

Trust Quantification for Autonomous Medical Advisory Systems 自主医疗咨询系统的信任量化

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647818

Mini Thomas, Reza Samavi, Thomas E. Doyle

引用次数: 1

Updatable Linear Map Commitments and Their Applications in Elementary Databases 可更新线性映射承诺及其在基础数据库中的应用

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647740

Guiwen Luo, Shihui Fu, G. Gong

{"title":"Updatable Linear Map Commitments and Their Applications in Elementary Databases","authors":"Guiwen Luo, Shihui Fu, G. Gong","doi":"10.1109/PST52912.2021.9647740","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647740","url":null,"abstract":"Linear map commitments allow the prover to commit to a vector, with the ability to prove the image of a linear map acting on the vector. In this paper, we propose linear map commitments with updatable feature and perfectly hiding property. Updatable feature means that the prover can update the commitment more efficiently than recompute the commitment when some of the entries in the committed vector are changed. Perfectly hiding property ensures the commitment reveals no information about the committed vector before opening. Then we present the implementation of our updatable linear map commitment (ULMC) over the 256-bit BN curve recommended in the SM9 standard, which provides around 100-bit security. The implementation shows that our ULMC schemes are efficient enough to support the elementary database constructions that simultaneously permit batching membership test, linear combination test, updatable feature and authenticity. Finally, we show that the ULMC-powered elementary databases are capable of supporting various applications where privacy and trust are the first priority such as exam result management systems, Internet of Things (IoT) management systems and business operations between banks and enterprises.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"208 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132687436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Clustering based opcode graph generation for malware variant detection 基于聚类的恶意软件变体检测操作码图生成

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647814

Fok Kar Wai, V. Thing

{"title":"Clustering based opcode graph generation for malware variant detection","authors":"Fok Kar Wai, V. Thing","doi":"10.1109/PST52912.2021.9647814","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647814","url":null,"abstract":"Malwares are the key means leveraged by threat actors in the cyber space for their attacks. There is a large array of commercial solutions in the market and significant scientific research to tackle the challenge of the detection and defense against malwares. At the same time, attackers also advance their capabilities in creating polymorphic and metamorphic malwares to make it increasingly challenging for existing solutions. To tackle this issue, we propose a methodology to perform malware detection and family attribution. The proposed methodology first performs the extraction of opcodes from malwares in each family and constructs their respective opcode graphs. We explore the use of clustering algorithms on the opcode graphs to detect clusters of malwares within the same malware family. Such clusters can be seen as belonging to different sub-family groups. Opcode graph signatures are built from each detected cluster. Hence, for each malware family, a group of signatures is generated to represent the family. These signatures are used to classify an unknown sample as benign or belonging to one the malware families. We evaluate our methodology by performing experiments on a dataset consisting of both benign files and malware samples belonging to a number of different malware families and comparing the results to existing approach.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132256170","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An Effective Intrusion Detection Model for Class-imbalanced Learning Based on SMOTE and Attention Mechanism 基于SMOTE和注意机制的类不平衡学习入侵检测模型

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647756

X. Jiao, Jinguo Li

{"title":"An Effective Intrusion Detection Model for Class-imbalanced Learning Based on SMOTE and Attention Mechanism","authors":"X. Jiao, Jinguo Li","doi":"10.1109/PST52912.2021.9647756","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647756","url":null,"abstract":"With the rapid development of the Internet of Things, the continuous emergence of network attacks has brought great threats to network security. Many methods based on deep learning have been applied in detecting intrusion. However, most of these studies ignore the imbalance of network traffic, and the focus on intrusion detection is to find a small number of attack samples. Therefore, they have low accuracy in classifying network attack samples that are far less than normal traffic. In this article, we establish an intrusion detection model SE-DAS(SMOTE and Edited Nearest Neighbours with Dual Attention SRU, SEDAS), which uses the SE algorithm to balance the minority samples in network intrusion detection. Specifically, we use the feature attention mechanism to analyze the relationship between historical information and input features, and extract important features. A timing attention mechanism is used to independently select historical information at key time points in the SRU(Simple Recurrent Units) network to improve the stability of the model detection efficiency. The experimental results on the UNSW-NB15 dataset show that the detection effect of the model on minority categories is 0.037 higher than the macro-average ROC(Receiver Operating Characteristic Curve) area using the original SMOTE algorithm, and the recall rate reaches 98.65%, which is better than similar deep learning models.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131342427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

A Hybrid Secure Computation Framework for Graph Neural Networks 图神经网络的混合安全计算框架

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647843

Yixuan Ren, Yixin Jie, Qingtao Wang, Bin Zhang, Chi Zhang, Lingbo Wei

{"title":"A Hybrid Secure Computation Framework for Graph Neural Networks","authors":"Yixuan Ren, Yixin Jie, Qingtao Wang, Bin Zhang, Chi Zhang, Lingbo Wei","doi":"10.1109/PST52912.2021.9647843","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647843","url":null,"abstract":"The Multi-party Secure Computation (MPC)-based methods for privacy-preserving Graph Neural Networks (GNNs) are still challenged by high communication overhead. Moreover, the security guarantee of most MPC-based methods can only defend against the semi-honest adversary, while a few methods which can defend against the malicious adversary will cause a further increase in communication overhead. Moreover, Software Guard Extensions (SGX), which can provide the data confidentiality and code integrity, has been considered as a novel solution to privacy-preserving GNN. Unfortunately, previous work has shown that SGX is vulnerable to side-channel attacks that deprive its confidentiality and preserve only its integrity. To solve the above problems, we propose an n-party secure computation framework for GNNs using SGX. This framework can reduce the communication overhead and improve the security guarantee without relying on the confidentiality of SGX. Specifically, both data holders and the server hold SGX. Data holders enrich the data and train the model by MPC efficiently with the assistance of the server. SGX ensures integrity, where data holders and the server must execute according to protocols, so malicious adversaries cannot deviate from the protocol to breach privacy and security. Even if the confidentiality of SGX was breached, the adversary could only access the ciphertext in MPC instead of the plaintext. We conduct experiments on public datasets to demonstrate that our framework has achieved comparable performance with traditional GNNs and perform security analysis to validate that our framework satisfies security and privacy requirements.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"139 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114425690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

A Novel Trust Model In Detecting Final-Phase Attacks in Substations 一种检测变电站最后阶段攻击的新型信任模型

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647848

K. Boakye-Boateng, A. Ghorbani, Arash Habibi Lashkari

{"title":"A Novel Trust Model In Detecting Final-Phase Attacks in Substations","authors":"K. Boakye-Boateng, A. Ghorbani, Arash Habibi Lashkari","doi":"10.1109/PST52912.2021.9647848","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647848","url":null,"abstract":"A substation’s security is paramount because it is an integral part of the Smart Grid for the transmission and distribution of electricity. Advanced persistent threats (APTs) have become the bane of the substation because they can remain undetected for a period until final attacks are launched. A lot of existing techniques may not be real-time enough to detect these final attacks. Trust, even though less investigated, can be used to tackle these attacks. In this paper, we present a trust model designed specifically for the Modbus communication protocol that can detect final attacks from APTs when a substation is compromised. This model is formed from the perspective of the substation device and was successfully tested on two publicly available Modbus datasets under three testing scenarios. The external test, the internal test, and the internal test with IP-MAC blacklisting. The first test assumes attackers’ IP, and MAC addresses are not part of the substation network, and the other two assume otherwise. Our model detected the attacks within each dataset and also revealed the attack behaviour within the two datasets. Our model can also be extended to other protocols, and this has been marked for future work.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133248591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

GAIROSCOPE: Leaking Data from Air-Gapped Computers to Nearby Smartphones using Speakers-to-Gyro Communication GAIROSCOPE:使用扬声器到陀螺仪通信将数据从气隙计算机泄漏到附近的智能手机

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647842

Mordechai Guri

{"title":"GAIROSCOPE: Leaking Data from Air-Gapped Computers to Nearby Smartphones using Speakers-to-Gyro Communication","authors":"Mordechai Guri","doi":"10.1109/PST52912.2021.9647842","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647842","url":null,"abstract":"It is known that malware can leak data from isolated, air-gapped computers to nearby smartphones using ultrasonic waves. However, this covert channel requires access to the smartphone’s microphone, which is highly protected in Android OS and iOS, and might be non-accessible, disabled, or blocked. In this paper we present ‘GAIROSCOPE,’ an ultrasonic covert channel that doesn’t require a microphone on the receiving side. Our malware generates ultrasonic tones in the resonance frequencies of the MEMS gyroscope. These inaudible frequencies produce tiny mechanical oscillations within the smartphone’s gyroscope, which can be demodulated into binary information. Notably, the gyroscope in smartphones is considered to be a ’safe’ sensor that can be used freely from mobile apps and javascript. We introduce the adversarial attack model and present related work. We provide the relevant technical background and show the design and implementation of GAIROSCOPE. We present the evaluation results and discuss a set of countermeasures to this threat. Our experiments show that attackers can exfiltrate sensitive information from air-gapped computers to a smartphone located a few meters away via Speakers-to-Gyroscope covert channel.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122023452","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 3

API-Based Ransomware Detection Using Machine Learning-Based Threat Detection Models 基于api的勒索软件检测:基于机器学习的威胁检测模型

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647816

May Almousa, Sai Basavaraju, Mohd Anwar

{"title":"API-Based Ransomware Detection Using Machine Learning-Based Threat Detection Models","authors":"May Almousa, Sai Basavaraju, Mohd Anwar","doi":"10.1109/PST52912.2021.9647816","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647816","url":null,"abstract":"Ransomware is a major malware attack experienced by large corporations and healthcare services. Ransomware employs the idea of cryptovirology, which uses cryptography to design malware. The goal of ransomware is to extort ransom by threatening the victim with the destruction of their data. Ransomware typically involves a 3-step process: analyzing the victim’s network traffic, identifying a vulnerability, and then exploiting it. Thus, the detection of ransomware has become an important undertaking that involves various sophisticated solutions for improving security. To further enhance ransomware detection capabilities, this paper focuses on an Application Programming Interface (API)-based ransomware detection approach in combination with machine learning (ML) techniques. The focus of this research is (i) understanding the life cycle of ransomware on the Windows platform, (ii) dynamic analysis of ransomware samples to extract various features of malicious code patterns, and (iii) developing and validating machine learning-based ransomware detection models on different ransomware and benign samples. Data were collected from publicly available repositories and subjected to sandbox analysis for sampling. The sampled datasets were applied to build machine learning models. The grid search hyperparameter optimization algorithm was employed to obtain the best fit model; the results were cross-validated with the testing datasets. This analysis yielded a high ransomware detection accuracy of 99.18% for Windows-based platforms and shows the potential for achieving high-accuracy ransomware detection capabilities when using a combination of API calls and an ML model. This approach can be further utilized with existing multilayer security solutions to protect critical data from ransomware attacks.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125029283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 8

User Profiling on Universal Data Insights tool on IBM Cloud Pak for Security IBM Cloud Pak for Security上通用数据洞察工具的用户分析

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647794

Farzaneh Shoeleh, Masoud Erfani, Saeed Shafiee Hasanabadi, Duc-Phong Le, Arash Habibi Lashkari, Adam Frank, A. Ghorbani

{"title":"User Profiling on Universal Data Insights tool on IBM Cloud Pak for Security","authors":"Farzaneh Shoeleh, Masoud Erfani, Saeed Shafiee Hasanabadi, Duc-Phong Le, Arash Habibi Lashkari, Adam Frank, A. Ghorbani","doi":"10.1109/PST52912.2021.9647794","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647794","url":null,"abstract":"User profiling is one of the most important research topics where organizations endeavour to establish profiles of user activities to detect or predict potential abnormal behaviours. Previous researches have mainly focused on detecting and identifying static activities through social media. A universal analysis based on streaming settings to monitor user activities continuously is missing. This paper proposes a framework for user profiling based on UDI platforms to address this issue. Our framework consists of three main steps: simulating realistic scenarios for user activities, proposing and extracting potential features, and applying machine learning models on simulated datasets. Our experimental results show that selected machine learning algorithms can distinguish most abnormal behaviours correctly. LODA, RRCF, and LSCP algorithms achieve the highest performance among all algorithms. Tree-based algorithms such as Isolation Forest acquire the best results when considering small datasets and speed. Furthermore, machine learning algorithms’ performance demonstrates the high quality of our simulated datasets.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127288640","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

EPSim-GS: Efficient and Privacy-Preserving Similarity Range Query over Genomic Sequences EPSim-GS:高效且隐私保护的基因组序列相似性范围查询

2021 18th International Conference on Privacy, Security and Trust (PST) Pub Date : 2021-12-13 DOI: 10.1109/PST52912.2021.9647830

Jiacheng Jin, Yandong Zheng, Pulei Xiong

{"title":"EPSim-GS: Efficient and Privacy-Preserving Similarity Range Query over Genomic Sequences","authors":"Jiacheng Jin, Yandong Zheng, Pulei Xiong","doi":"10.1109/PST52912.2021.9647830","DOIUrl":"https://doi.org/10.1109/PST52912.2021.9647830","url":null,"abstract":"Similarity query over genomic sequences has played a significant role in personalized medicine and has applications in various fields, including DNA alignment and genomic sequencing. Since handling genomic sequences requires massive storage and considerable computational capacity, service providers prefer to process similarity queries over genomic sequences on cloud servers rather than at the client side. Due to the sensitivity of genomic sequences, preserving the privacy of queries has attracted considerable attention, and as a result, genomic sequences are demanded to be outsourced in an encrypted form. Although many schemes have been proposed for similarity queries over encrypted genomic data, they are either inefficient or have limitations in supporting the dynamic update of the dataset. To address the challenges, we propose an efficient and privacy-preserving similarity range query scheme, namely EPSim-GS. First, we introduce how to build a hash table to index the dataset, and present a similarity range query algorithm based on the hash table. Then, we design two cloud-based privacy-preserving protocols based on the Paillier cryptosystem to support the similarity range query algorithm over the encrypted dataset. After that, we propose EPSim-GS by leveraging the two privacy-preserving protocols. We then analyze the security of EPSim-GS and prove that it is privacy-preserving. Finally, we perform experiments to evaluate the scheme’s performance, and the results indicate that it is computationally efficient.","PeriodicalId":144610,"journal":{"name":"2021 18th International Conference on Privacy, Security and Trust (PST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128996281","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1